>Looking at logs we see SPAMers that send the same e-Mail to everyone in a
>domain as if they knew all users. Of course they might have obtained this
>from the days we were in Exchange server, but I am just curious if anyone
>can simply harvest all users in a domain?
Unfortunately, it is usually possible for spammers to harvest a large
portion of E-mail addresses from your domain, using a dictionary attack.
In the old days, there was a "VRFY" SMTP command that made it easy for
spammers to determine if addresses were valid. Then, admins disabled
VRFY. All was good for a while, until spammers realized that they could
just use the standard "RCPT TO:" and would get a positive response if the
account existed. This isn't always perfect, as some domains will accept
all mail (and either bounce it later, or keep it at a nobody-type
account). Now that bandwidth is much easier for spammers-for-hire to
steal, they are just blasting their spam to all E-mail addresses they can
make up, not bothering whether or not it gets sent to a valid user.
The only way to prevent them from figuring out the addresses is to use a
"nobody" alias. However, depending on the circumstances, they may end up
with lots of fake addresses on your domain. Someone posted here recently
that they have millions of addresses from their domain on a CD-ROM being
sold to spammers, because they had used the "nobody" alias.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit the Knowledge Base for answers to frequently asked
questions: http://www.ipswitch.com/support/IMail/
